Network traffic classification using a parallel neural network classifier architecture

Online traffic classification is an important capability for numerous applications, including network monitoring, QoS (Quality of Service) management, and anomaly detection. In this paper we propose an approach to classify TCP/IP network traffic based on a small set its statistical properties. Our approach relies on a Parallel Neural Network Classifier Architecture (PNNCA) for classification, and has been preliminarily tested for the classification of HTTP traffic in controlled environments. Our initial results have shown a Correct Classification Rate of 85% to 91%, depending on the characteristics of the test sets.

[1]  C.-C. Jay Kuo,et al.  Internet Traffic Classification for Scalable QOS Provision , 2006, 2006 IEEE International Conference on Multimedia and Expo.

[2]  Ivica Kostanic,et al.  Principles of Neurocomputing for Science and Engineering , 2000 .

[3]  Andrew W. Moore,et al.  Internet traffic classification using bayesian analysis techniques , 2005, SIGMETRICS '05.

[4]  R. Acharyya,et al.  Infrasound signal classification using parallel RBF Neural Networks , 2008 .

[5]  Vern Paxson,et al.  Empirically derived analytic models of wide-area TCP connections , 1994, TNET.

[6]  G. Zecevic Web based interface to SCADA system , 1998, POWERCON '98. 1998 International Conference on Power System Technology. Proceedings (Cat. No.98EX151).

[7]  Maurizio Dusi,et al.  Traffic classification through simple statistical fingerprinting , 2007, CCRV.

[8]  Andrew W. Moore,et al.  Discriminators for use in flow-based classification , 2013 .

[9]  Tom Fawcett,et al.  An introduction to ROC analysis , 2006, Pattern Recognit. Lett..

[10]  Azer Bestavros,et al.  Self-similarity in World Wide Web traffic: evidence and possible causes , 1996, SIGMETRICS '96.

[11]  Hilde Nybom,et al.  Introduction to Rosa , 2009 .

[12]  Bo Yang,et al.  Traffic classification using probabilistic neural networks , 2010, 2010 Sixth International Conference on Natural Computation.

[13]  Michalis Faloutsos,et al.  BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.

[14]  Marco Carvalho,et al.  Agent-Based Immunological Intrusion Detection System for Mobile Ad-Hoc Networks , 2008, ICCS.

[15]  David Moore,et al.  The CoralReef Software Suite as a Tool for System and Network Administrators , 2001, LISA.

[16]  Sebastian Zander,et al.  Self-Learning IP Traffic Classification Based on Statistical Flow Characteristics , 2005, PAM.